Using biometrics to prevent financial crime

Access & Identity Management Handbook 2018 Access Control & Identity Management, Integrated Solutions

Biometrics is about more than the fingerprint or retina terminal itself, it’s about storing data in forensically-signed databases, that is admissible in a court of law.

Wayne Olsen, Datacentrix security business unit manager.
Wayne Olsen, Datacentrix security business unit manager.

There’s no doubt that fraud in the workplace is a broad-ranging topic, but one of the most egregious kinds is surely financial fraud. It’s this type of fraud that directly hits the company’s bottom line. So let’s look at mitigating those cybercrime efforts that are directed at local organisations with financial crime as their primary strategy.

What is financially-motivated cybercrime?

Electronic fraud is really just the latest evolution of traditional crime. Many professional criminal syndicates have shifted their focus away from the old-world tactics of holding up banks, running black-market importing businesses or trading drugs, for instance. They’ve chosen an often far softer target: capitalising on the lack of security and stringent processes within many companies.

In recent years we’ve seen the art of social engineering become ever-more sophisticated, as fraudsters carefully gather data-sets from ‘helpful’ staff, building up this data to ultimately impersonate different parties. Armed with enough information, they may impersonate a supplier requesting that their bank details are changed; or they impersonate the CFO in requesting that payment orders are executed by his staff. Many have defined this kind of highly-targeted identity theft as ‘whaling’ – an evolved form of phishing.

The basics brilliantly

Many firms are investing tens of millions of rands in sophisticated security tools that deal with technical threats coming from all directions, but fail to effectively prevent financial losses because the basic processes are just not designed effectively.

Whatever the size of one’s company, in the finance department it is essential to segregate financial duties between different people. We often see firms stumbling due to a lack of basic rigour (such as mandating that a purchase order be checked with business unit managers before invoices are released for payment, or confirming that an employee has been fully off-boarded by implementing checks and balances across Payroll, HR, IT and other areas).

The solution

We’re generally familiar with the use of biometrics for basic, physical access and ‘time and materials’ record-keeping, but the opportunities for biometrics extend far further than this:

Each transaction can be biometrically-signed, so there is absolutely no doubt about who authorised a particular payment. With advanced biometrics solutions, full audit logs are created, tracing the journey of a particular transaction through its various stages of approval.

These audit logs can be introduced into a court of law if necessary, as they legally bind the actor (for example the financial administrator) to the transaction. This allows organisations to reach a level of certainty and accountability that was previously not possible with less-secure, password-based systems.

Irrefutable evidence

By positively connecting a physical person to each specific transaction, firms can eliminate the problems of passwords that are divulged or shared, or smartcards, tokens and one-time PIN numbers that can also be passed between individuals.

A biometrics approach can be used consistently across various enterprise applications – to deliver legally-valid transaction evidence, and essentially to act as an impartial witness to sensitive business transactions. By introducing this technology alongside policies (such as payment value thresholds for different members of staff), organisations can not only ensure that any fraud losses are traced back to particular individuals, but they can prevent fraud from happening in the first place.

For more information on Datacentrix’ fraud management offerings, please visit http://www.datacentrix.co.za/electronic-fraud-management.html





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Gallagher to showcase new Controller 7000 single door
Technews Publishing Access Control & Identity Management Products
Gallagher will be showcasing its latest access control innovation, the Controller 7000 Single Door on its stand at Intersec Dubai from 17-19 January 2023.

Read more...
31 percent of all IoT SIMs managed with third-party IoT CMPs
News Integrated Solutions
Berg Insight recently released new findings about the market for IoT connectivity management platforms (CMPs), a standard component in the value proposition from mobile operators and IoT MVNOs around the world.

Read more...
Smart car parking solution eases traffic flow
Dahua Technology South Africa CCTV, Surveillance & Remote Monitoring Integrated Solutions Products
Ethiopia’s first smart parking lot, designed to improve traffic flow and management efficiency, has been built and installed using Dahua Technology’s smart parking solutions.

Read more...
VMS 7.2 supports the investigation process and adds cloud capabilities
CCTV, Surveillance & Remote Monitoring Integrated Solutions Products
Qognify has launched the second release of its VMS, including extended support for body-worn video, additional functionalities to support investigations, and a new web client architecture. VMS 7.2 addresses the increasing use of body-worn video (BWV) across many sectors.

Read more...
Hytera and KZN Police Service roll out digital call handling system
Government and Parastatal (Industry) Asset Management, EAS, RFID Integrated Solutions
Hytera Communications announced that the municipality of Ray Nkonyeni in the KwaZulu-Natal province of South Africa is now using its digital call handling system for the reporting and recording of crimes.

Read more...
Smart parking management platform
Access Control & Identity Management Asset Management, EAS, RFID
Parket builds a seamless bridge between supply and the ever-increasing, but fluid – and often temporary – demand for parking bays.

Read more...
Visible-light facial recognition terminal
ZKTeco Access Control & Identity Management Products
The SpeedFace-V5L [P] is a visible-light facial recognition terminal using intelligently engineered facial recognition algorithms and the latest computer vision technology.

Read more...
Facial and palm verification
ZKTeco Access Control & Identity Management Products
The ProFace X [P] supports both facial and palm verification, with a large capacity and rapid recognition.

Read more...
Glide Master High Security 90° Sliding Gate
BoomGate Systems Access Control & Identity Management Products
Boomgate Systems was asked to make a sliding gate that can turn 90 degrees. The gate had to offer high security and be vandal-proof.

Read more...
Informing, entertaining and communicating across your landscape
Evolving Management Solutions Access Control & Identity Management
For the first time, the attraction of large shopping malls with many stores, entertainment and food courts no longer offers enough appeal to attract customers.

Read more...